mirrors/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2025-01-23 18:41:42 +01:00
Code Issues Projects Releases Wiki Activity
18,126 Commits 130 Branches 272 Tags
Commit Graph

93 Commits

Author SHA1 Message Date
Matt Jankowski
998cf0dd53
Convert auth/setup spec controller->system/request (#33604) 2025-01-16 09:03:46 +00:00
Matt Jankowski
0c690511c2
Convert auth/challenges spec controller->request (#33495) 2025-01-08 08:54:08 +00:00
Matt Jankowski
7bd7705f59
Combine shared-setup examples across spec/controllers/auth/* specs (#32906) 2024-11-15 16:07:26 +00:00
Matt Jankowski
df3b954720
Add DomainHelpers spec support module for DNS/MX stub (#32690) 2024-10-29 15:35:25 +00:00
David Roetzel
e6cda8388c
Move OTP secret length to configuration (#32125) 2024-10-01 09:38:42 +00:00
Matt Jankowski
bf8eaaa9a5
Convert controller spec for security_key_options endpoint to request spec (#31938) 2024-09-18 09:42:36 +00:00
Matt Jankowski
6b6a80b407
Remove body_as_json in favor of built-in response.parsed_body for JSON response specs (#31749) 2024-09-06 09:58:46 +00:00
Matt Jankowski
e1b5f3fc6f
Use response.parsed_body for html response checks (#31750) 2024-09-04 17:29:05 +00:00
Matt Jankowski
f1003b2560
Enable "zero monkey patching" mode in RSpec (#31614) 2024-09-04 05:12:25 +00:00
Matt Jankowski
f1300ad284
Rename jobs/attachments rspec tag names (#29762) 2024-07-08 16:01:08 +00:00
Damien Mathieu
1540f42522
Better tests for auth/registrations#update (#29303) 2024-02-26 16:09:56 +00:00
Wolfgang Fournès
d51c3ac087
Add a missing spec to SessionsController#webauthn_options (#29277) 2024-02-26 16:09:40 +00:00
Matt Jankowski
64f9939e39
Use capture_emails helper to improve email assertions in specs (#29245) 2024-02-19 15:57:47 +00:00
Matt Jankowski
3454fcbd71
Reduce round trips in auth/sessions spec (#29233) 2024-02-16 13:38:49 +00:00
Claire
e2d9635074
Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Claire
3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
Claire
e621c1c44c
Fix registrations not checking MX records for email domain blocks requiring approval (#28608) 2024-01-15 17:10:57 +00:00
Matt Jankowski
00341c70ff
Use Sidekiq fake! instead of inline! in specs (#25369) 2024-01-10 11:06:58 +00:00
Claire
dfdadb92e8
Add ability to require approval when users sign up using specific email domains (#28468) 2024-01-04 09:07:05 +00:00
Matt Jankowski
513d35969e
Fix RSpec/LetSetup cop in auth controller specs (#28464) 2023-12-22 08:03:59 +00:00
Claire
6fed0fcbaa
Remove unneeded settings cleanup from specs (#28425) 2023-12-19 15:17:22 +00:00
Matt Jankowski
b2c5b20ef2
Fix RSpec/AnyInstance cop (#27810) 2023-11-14 14:52:59 +00:00
Matt Jankowski
69d00e2721
Fix RSpec/InstanceVariable cop (#27766) 2023-11-08 15:42:30 +00:00
Matt Jankowski
e545978076
Use framework helpers instead of i-vars in controller specs (#27767) 2023-11-08 08:17:43 +00:00
Matt Jankowski
2e6bf60f15
Use deliveries.size in mailer-related examples in controller specs (#27589) 2023-10-27 15:33:52 +00:00
Matt Jankowski
6c5a2233a8
Fix RSpec/StubbedMock cop (#25552) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-07-12 10:20:10 +02:00
Matt Jankowski
05f9e39b32
Fix RSpec/VerifiedDoubles cop (#25469) 2023-06-22 14:55:22 +02:00
Matt Jankowski
6c0e3f490a
Fix RSpec/MissingExampleGroupArgument cop (#25310) 2023-06-06 15:51:42 +02:00
Matt Jankowski
0f2c16ac4b
Fix RSpec/NoExpectationExample cop (#25103) 2023-05-26 09:41:12 +02:00
Matt Jankowski
604e1c2b11
Remove usage of random sample values in specs (#24869) 2023-05-15 20:20:13 +02:00
Matt Jankowski
a610a02d4f
Fix RSpec/ScatteredSetup cop (#24848) 2023-05-11 10:32:09 +02:00
Matt Jankowski
c97b611b6b
Fix RSpec/InferredSpecType cop (#24736) 2023-05-04 05:49:53 +02:00
Matt Jankowski
710745e16b
Fix RSpec/ContextWording cop (#24739) 2023-05-04 05:49:08 +02:00
Matt Jankowski
d00e45a7d3
Fix Rails/I18nLocaleAssignment cop (#24693) 2023-04-30 14:07:03 +02:00
Eugen Rochko
e98c86050a
Refactor Cache-Control and Vary definitions (#24347) 2023-04-19 16:07:29 +02:00
Matt Jankowski
688287c59d
Coverage improvement round-out following up previous work (#23987) 2023-03-10 13:33:30 +01:00
Nick Schonning
84cc805cae
Enable Style/FrozenStringLiteralComment for specs (#23790) 2023-02-22 09:55:31 +09:00
Nick Schonning
5116347eb7
Autofix Rubocop RSpec/BeEq (#23740) 2023-02-20 06:14:50 +01:00
Nick Schonning
4552685f6b
Autofix Rubocop RSpec/LeadingSubject (#23670) 2023-02-20 13:24:14 +09:00
Nick Schonning
aef0051fd0
Enable Rubocop HTTP status rules (#23717) 2023-02-20 11:16:40 +09:00
Nick Schonning
81ad6c2e39
Autofix Rubocop Style/StringLiterals (#23695) 2023-02-19 07:38:14 +09:00
Nick Schonning
634368c491
Autofix Rubocop Lint/SymbolConversion (#23683) 2023-02-18 03:23:49 +01:00
Nick Schonning
669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Francis Murillo
5fb1c3e934
Revoke all authorized applications on password reset (#21325) 
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
 2022-12-15 15:47:06 +01:00
Claire
327eed0076
Fix suspicious sign-in mails never being sent (#18599) 
* Add tests

* Fix suspicious sign-in mails never being sent
 2022-06-21 15:16:22 +02:00
Eugen Rochko
6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00
Claire
e38fc319dc
Refactor and improve tests (#17386) 
* Change account and user fabricators to simplify and improve tests

- `Fabricate(:account)` implicitly fabricates an associated `user` if
  no `domain` attribute is given (an account with `domain: nil` is
  considered a local account, but no user record was created), unless
  `user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
  but is discouraged.

* Fix and refactor tests

- avoid passing unneeded attributes to `Fabricate(:user)` or
  `Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
  way around
- prefer `Fabricate(:user, account_attributes: …)` to
  `Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
  not representative of production code.
 2022-01-28 00:46:42 +01:00
Eugen Rochko
8e84ebf0cb
Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
Claire
24f9ea7818
Fix webauthn secure key authentication (#16792) 
* Add tests

* Fix webauthn secure key authentication

Fixes #16769
 2021-09-30 05:26:29 +02:00
Claire
94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607) 
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
 2021-08-25 22:52:41 +02:00